1

How can I handle concurrent access in Java Spring?

A different id should not be allowed for the same user. Say:

a. If user is logged-in using a browser (say IE), he/she should be prompted to re-login when trying to access the system using another browser (say firefox).

Meredith
  • 3,928
  • 4
  • 33
  • 58
user2672166
  • 11
  • 3
  • Why oh why? That will only frustrate the users, and won't provide any security improvement. People have several computers, tablets and phones nowadays. It's frequent to use several computers and browsers in parallel. – JB Nizet Aug 11 '13 at 11:36

1 Answers1

0

Use Spring Security. Spring Security can be configured to only allow for a single concurrent session at a time.

Here is the JavaDocs: http://static.springsource.org/spring-security/site/docs/3.0.x/apidocs/org/springframework/security/web/session/ConcurrentSessionFilter.html

And here's another StackeOverflow question that talks about it: Session Management using Spring Security: Concurrent sessions

Community
  • 1
  • 1
SBerg413
  • 14,515
  • 6
  • 62
  • 88